Reposted from CISA/DHS

During the holiday season, you may receive emails or text messages about a deal you just can’t miss, or an opportunity to give for charities you don’t recognize. Sadly, during this season of giving, we must all be on the lookout for scammers who use tactics like asking you to click on a link that installs malware on your device or creating a fake online store to trick you into buying from them, resulting in your money or even your identity being stolen. So how big of a problem are holiday online shopping scams? According to the FBI, almost 12,000 victims reported scams during the 2022 holiday shopping season, resulting in over $73 million in losses. The good news is that Secure Our World has tips to protect you and your family, friends and business from these scams. Visit our Holiday Online Shopping web page for additional tips and to learn more. 

See Original Post

Reposted from CHRTF

Free Online Conference 

When-December 2-5, 2024

Disaster Risk Managment for Cultural Heritage

Focus on Conservation 2024

What are the risks for objects in our collections? What can we do to protect them before, during, and after disaster strikes?

This international conference will look into preparation, response, training, research, and networks to address and mitigate the effect of disasters on cultural heritage.

Participation is free, registration required.

See Original Post

Reposted from EMR-ISAC

Weather and climate change can drastically impact how we prepare for and respond to environmental emergencies.

The State of Michigan’s Department of Environment, Great Lakes, and Energy (EGLE) is hosting a webinar on Wednesday, Nov. 20 at 1 p.m. EDT, The National Weather Service: An Important Partner in Emergency Preparedness, Response, and Recovery. This webinar is part of Michigan EGLE’s Environmental Emergency Preparedness and Response series.

This webinar will feature a presentation from Jim Maczko, a Warning Coordination Meteorologist with the National Weather Service, who will discuss:

• National Weather Service engagement with emergency management in preparedness/mitigation, response, and recovery.
• Weather versus climate and how changes in climate translate into outcomes that affect people.
• National Weather Service flood forecasts- from long-range outlooks to real-time emergency warnings.

Register for this webinar on Zoom.

See Original Post

Reposted from EMR-ISAC

Last month, the U.S. Secret Service’s (USSS’) National Threat Assessment Center released a guide designed to help state and local law enforcement develop programs to prevent targeted violence in the United States.

The guide, Behavioral Threat Assessment Units: A Guide for State and Local Law Enforcement to Prevent Targeted Violence, outlines how state and local law enforcement agencies can develop behavioral threat assessment units (BTAUs). These units are specifically designed to identify, assess, and intervene with individuals identified as posing a risk of violence. The ultimate goal of behavioral threat assessment units should be prevention. A structured behavioral threat assessment process can empower agencies, within all existing legal and constitutional parameters, to prevent future tragedies and loss of life.

The guide lists six steps for creating and operating a BTAU. The steps in the guide describe how agencies can adopt the principles of the Secret Service model to proactively identify and intervene with those who intend to carry out acts of targeted violence in their communities. These steps are not intended to be prescriptive but rather offer a scalable blueprint that can be implemented by agencies varying in size, structure, and resources.

See Original Post

Reposted from CISA/DHS

The Cybersecurity and Infrastructure Security Agency, in partnership with the Federal Bureau of Investigation, National Security Agency, and cybersecurity authorities of Australia, Canada, New Zealand, United Kingdom, published a joint Cybersecurity Advisory (CSA) on 2023 Top Routinely Exploited Vulnerabilities | CISA, covering 47 common vulnerabilities and exposures (CVEs) that were routinely or often exploited by malicious actors last year and each CVE includes associated common weakness enumeration.   A secure by design approach from software manufacturers could have reduced or even eliminated the vulnerabilities listed in this advisory. By prioritizing security during the design and development phase of the product development lifecycle, manufacturers could implement aggressive adversarial product testing, thereby identifying and eliminating software flaws before release. This proactive approach would help close common entry points, harden systems against attacks, and minimize the potential for zero-day exploitation by malicious actors, ultimately protecting enterprise networks and high-value targets from preventable vulnerabilities. 

Compared to our 2022 report, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks which allowed them to conduct cyber operations against higher-priority targets. These actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. Log4Shell (CVE-2021-44228) remains one of the top routinely exploited vulnerabilities.  A key finding is that international cybersecurity efforts on a zero-day reduces the utility and lifespan of that vulnerability to be used by malicious cyber actors. Those efforts include:  

• Implementing security-centered product development lifecycles that include robust testing environments and threat modeling that is implemented throughout product development.     
• Increasing incentives for responsible vulnerability disclosure, such as bug bounty programs with compensation and recognition to researchers for their contributions.  
• Using sophisticated endpoint detection and response tools such as leveraging EDR solutions that may improve detection rate of zero-day exploits.  

 

End-user organizations are encouraged to implement recommended mitigations in this advisory, including applying timely patches to systems. At the same time, CISA continues work to shift the responsibility of secure software from the customer to software manufacturers and make products Secure by Design.   Although this report is on 2023 activity, the assessment and vulnerability data are relevant and useful because malicious cyber actors continue to exploit older vulnerabilities. Until properly mitigated, these CVEs will continue to pose significant risks to organizations. 

See Original Post

Reposted from HENTF

SAVE THE DATE

FOCUS ON CONSERVATION 2024 – DISASTER RISK

MANAGEMENT FOR CULTURAL HERITAGE

DECEMBER 2–5, 2024, ONLINE CONFERENCE,

FREE PARTICIPATION, REGISTRATION REQUIRED

What are the risks for objects in our collections?

What can we do to protect them before, during and after disaster strikes?

This international conference will look into preparation, response, training,

research and networks to address and mitigate the effect of disasters on cultural heritage.

Save the dates to be part of this four-day online conference – participation is free, but registration is required.

See Original Post

Reposted from ArtSentry

As many museums continue to face tighter budgets, finding efficient ways to maintain high standards with limited resources is essential. Staffing costs, a significant part of museum budgets, require innovative approaches to stretch funds without compromising visitor experience or collection care. Strategies such as community-based cooperative volunteer programs, advanced monitoring technology, and flexible digital staff training can all help museums make the most of their resources, supporting their mission and financial sustainability. Read on for some innovative approaches' museums have used to maximize their staffing resources

Volunteer & Co-op Membership Programs

Innovative cooperative volunteer programs offer museums a powerful way to extend their budgets and bring fresh energy to their operations. By involving community members and young people in roles like exhibit guides and event assistants, museums can reduce staffing costs while creating opportunities for engagement and learning. Museums like the Eiteljorg Museum in Indianapolis, The Museum of Russian Art (TMORA) in Minneapolis, the Smithsonian Institution, and the High Museum of Art in Atlanta offer enticing benefits to volunteers, recognizing their critical role in supporting operations and visitor experiences. Volunteers at these museums often receive perks like free or discounted memberships, admission to special events, and shop discounts. These benefits make volunteering a rewarding, mutually beneficial arrangement, encouraging community involvement while allowing volunteers to immerse themselves more deeply in the museum’s offerings.

Leveraging Technology for Staff Efficiency

Museums increasingly leverage advanced digital tools to enhance security and streamline visitor management. These technologies reduce costs, allowing fewer staff to effectively oversee larger areas without compromising safety. Art Sentry’s camera-based protection system, with its audible alerts and discreet guard notifications, enables each guard to monitor up to three times the typical number of galleries. This optimized guard allocation not only safeguards collections but also creates a more seamless, welcoming environment for visitors, enhancing their overall experience.

Extend the Reach of Digital Collections

Digital collections access initiatives, such as the exceptional digital collections offered by the National Gallery of Art, The Getty, and the Rijksmuseum, allow for a broader reach without requiring a physical presence, indirectly aiding in budget management by lowering in-person visitor surges. Creating online school and group tours and bringing museum stores online can help monetize digital visits. While digitizing collections can be intimidating for museums on a budget, programs and grants are available to help.

Some larger museums and organizations have developed programs to assist smaller institutions in digitizing their collections, promoting access and preservation. The Smithsonian Institution’s Digitization Program Office (DPO) provides best practices and resources to museums looking to digitize their collections, supporting them with high-quality imaging techniques and digitization workflows. Similarly, the British Museum offers its expertise to smaller institutions globally through its Knowledge Sharing Program, guiding digitization processes.

Several U.S.-based grant programs fund digitization for smaller museums. The Institute of Museum and Library Services (IMLS) offers Museums for America and Inspire! Grants for Small Museums aimed to support projects that improve collections access, including digitization. The Council on Library and Information Resources (CLIR) provides grants through its Digitizing Hidden Special Collections and Archives program, which funds the digitization of rare and unique content, enhancing public access. The National Endowment for the Humanities (NEH) also offers grants for Humanities Collections and Reference Resources to support digital access to humanities collections. The Digital Empowerment Project for Small Museums, also funded by IMLS, provides training on digital strategies and collections management for smaller institutions.

These initiatives and collaborations help ensure that institutions of all sizes can participate in the digital preservation and sharing of cultural heritage materials across the United States.

Digitally Training Staff for Cost Efficiency

Digital training solutions allow museums to efficiently upskill their employees without the logistical costs of in-person sessions, such as instructor fees, meeting space, and travel reimbursement. Digital modules can be accessed on-demand, making it easier for staff to stay updated on the latest security protocols and operational changes. This flexible format reduces training expenses and ensures that employees receive timely, consistent instruction on new technology, security protocols, and visitor management practices, creating a more agile and knowledgeable workforce.

These examples illustrate how a strategic blend of staffing models, community engagement, and smart technology can impact museums’ operational efficiency and budget management. For more information on maximizing your budget, download our digital guide here.

See Original Post

Reposted from ArtSentry

Did you know one negative interaction can change a visitor’s entire view of your museum? A recent survey conducted by the American Alliance of Museums reveals some enlightening insights into how museum visitors perceive their experiences. Even a small number of negative visitor experiences can cast a long shadow over a museum’s reputation. For most visitors every interaction shapes their perception of the museum. Positive encounters enhance a visit, promoting loyalty and engagement, while negative experiences can result in dissatisfaction and potentially harmful reviews. This highlights the crucial importance of the visitor experience. 

According to the 2024 Annual Survey of Museumgoers, only 3% of respondents reported issues with staff, describing interactions as rude, inattentive, or unfriendly. While this is a small number, visitors who have negative experiences are nine times more likely to discuss their visit or leave a review compared to those with positive or neutral experiences. This amplifies the impact of these interactions on public perception, making it crucial for museums to promptly and effectively address potential visitor concerns.

Compared to those with positive experiences, dissatisfied visitors were:

• 60% more likely to be people of color

• 70% more likely to be parents/guardians of small children

• 29 times more likely to say the museum “doesn’t do anything well”

• 2.5 times more likely to criticize exhibitions

• 3 times more likely to mention high costs as a barrier

• 3 times more likely to feel museums are “outdated”

Family Friendly Spaces
Camera-Based Surveillance
Clear Signage and Wayfinding
Enhanced Visitor Services

 

Interestingly, many dissatisfied visitors still feel passionate about museums, often visiting for their children’s learning experiences. However, negative interactions can overshadow their overall experience, showing how one bad encounter can heavily influence perceptions.

By contrast, respondents who praised the museum for being welcoming and engaging were more involved and frequent visitors. These individuals generally find museums enjoyable and view them as valuable community assets, demonstrating how positive interactions foster a virtuous cycle of engagement and satisfaction. For the two-thirds of respondents who expressed neutral opinions about staff interactions, this likely indicates experiences that were neither memorable nor noteworthy. This segment is less engaged overall. Their connection has the potential to grow with more personalized, positive interactions. Museums can take several practical steps to improve visitor experience and minimize the risk of negative encounters: Many dissatisfied respondents were parents or guardians of young children. Museums can address this by creating family-friendly zones and interactive exhibits that engage children, and by training frontline staff to recognize developmentally appropriate behaviors for different age groups. When staff understand children’s behavior, they are better able to enforce rules with compassion, making visits less stressful for parents and enhancing their overall experience.

Surveillance cameras allow staff to monitor visitor flow, address congestion, and identify potential issues proactively. This helps staff respond discreetly to situations without disrupting visitors, enhancing security while reducing unnecessary interventions. By creating a more seamless experience, this technology can reduce stress on both staff and visitors, leading to a more welcoming atmosphere. Well-designed signage helps visitors navigate the museum independently, minimizing confusion and frustration. By helping visitors feel more confident in their surroundings, clear wayfinding reduces reliance on staff for basic inquiries, allowing for smoother, more self-guided visits. Providing well-trained frontline staff who can assist with everything from basic information to specialized guidance creates a welcoming environment. Museums that hire for attitude and provide ongoing training ensure that all visitors feel valued and understood. Although staff interactions are only one part of the museum visit, they have an outsized effect on visitor experience. Addressing concerns, supporting staff, and implementing tools like surveillance and signage can help visitors feel more welcome, secure, and inspired to return.

See Original Post

Reposted from SafeHaven Security

Upcoming Training

Date: January 23-24, 2025

Time: 8:30am-4:30pm CST (both days)

Location: SafeHaven Security Group Office

212 S 3rd St Unit 201, Rogers, AR 72756

Purpose:

Learn to recognize pre-incident indicators (warning signs) of potentially violent situations, to determine the danger level, and how to keep people safe.

Objectives:

1.  ASSESS situations of potential violence by recognizing warning signs you can identify before violence occurs
2.  MITIGATE and de-escalate potential violence through proven behavioral threat management strategies and tactics
3.  PROTECT the people you care about by keeping them safe and ensuring they feel safe. Protect against liabilities and protect your organization’s brand

CEU:

SHRM has approved this course for 16 credits.
HRCI has approved this course for 16 credits.

Candidates:

Human Resources, Workplace Safety, Security, Legal, Leadership Professionals and anyone who seeks to keep people safe from violence, active shooters, domestic violence spillover, etc

Curriculum:

You will receive life-saving instruction developed and taught by experts with decades of real-life experience in the field of Threat Assessment and Management. Methodologies used by mental health experts and agencies like the United States Secret Service to assess-mitigate-protect against potentially violent situations.

Method of Instruction:

This is a two day in-person course held at SafeHaven Security’s office. Certification requires successful completion of a competency-based exam at the end of the course to ensure you become proficient in the instruction you receive, participation in each course is limited to small groups.

See Original Post

Reposted from SafeHaven Security

Upcoming Training

Preparing for Civil Unrest

Webinar | Dec 5 | 10:00am CST

With political elections behind us and now an upcoming administration change, as a business professional, you need to be aware of the potential civil unrest and percussions for the business world. From altering economic policies to reshaping regulatory landscapes, the outcome of elections can directly affect your business operations and profitability. This webinar will provide you with practical information and steps on how you can use a combination of strategic planning, risk assessment and operational adjustments to minimize disruption and protect your people.

See Original Post